FEATURE: A Changing Healthcare Landscape and Expanded Government Regulation & Audits Increase Exposures for Providers

NASThe last several years has seen healthcare at the center of our political landscape with out-of-balance supply and demand for services and the need to find solutions for Medicare and Medicaid as more and more Americans rely on these government programs, new legislation and expanded regulations, and efforts to bring our healthcare system up to current international billing code standards, among other critical issues. In the crossfire of all these changes, healthcare providers are facing new and evolving exposures.

Published on October 2, 2012

We recently had an in-depth conversation with Genevieve Alexander, Assistant Vice President of NAS Insurance Services, about the changes occurring in healthcare and their impact on providers - from hospitals and surgical centers to emergency centers, physicians, home healthcare facilities, nursing homes, etc. Based in Encino, California, ProgramBusiness.com Storefront NAS is an independent underwriting manager that has developed leading-edge specialty products for more than 30 years. Genevieve has been with NAS for nearly nine years, and oversees the firm's MEDEFENSETM Plus, Social Services and Long Term Care products, Sexual Misconduct and Molestation Liability Insurance, and Abuse & Molestation Insurance.

Annie George (AG): Let's go over what's been happening during the last several years in the healthcare industry.

Genevieve Alexander (GA): "There are number of significant changes that have occurred in the healthcare industry. First, our country's changing demographics has more individuals entering into retirement as baby boomers leave the workforce with many looking to Medicare as their primary coverage. The recession has also forced more people to rely on Medicare and Medicaid. This has caused increased demand on an already strained healthcare system, with estimations that by 2014 Medicare will run out of money if something is not done. The government finds itself in a difficult position, as they don't have enough of a supply to meet the ever-increasing demand for healthcare.

"Part of the effort to deal with Medicare and Medicaid is to save money and eliminate fraud and abuse. As a result, the Centers for Medicare/Medicaid Services (CMS) has stepped ups its efforts with aggressive auditing of healthcare providers to ensure that improper billing is not taking place. Furthermore, these audits have also resulted in other types of alleged violations, such as HIPAA (patient privacy), STARK (physician self-referral), and EMTALA (Emergency Medical Treatment and Labor Act). In many cases, the providers don't even realize that they're in violation.

"Then you have new legislation with the Affordable Healthcare for America Act, and increased regulation and oversight, such as the HiTech Act. As a result, healthcare providers today are being micromanaged in a way that they have never been before.

"Basically, you're seeing that a provider's exposures goes well beyond medical malpractice, and they are not properly insured to defend against these allegations. For example, in the past, a healthcare provider most likely had some type of defense coverage for HIPAA, but fines and penalties associated with these violations may not have been covered. Fines and penalties for HIPAA were once at $25,000; today they've increased with a four-tier penalty process that goes up to $1.5 million."

AG: Who is doing the auditing?

GA: "The CMS has contracted firms to conduct these audits, but the problem is that these firms are not in the healthcare arena. Audits can be done at the provider's facility, or electronically. The auditors have their own systems in place to compile data into one concise database so they can easily mine for billing errors. Some IT firms are even jumping into the fray, which is alarming. They believe they have sophisticated systems in place to do the data mining and have purchased auditing firms. The government has also hired national defense contractors. For example, the CMS hired Northrop Grumman to come in and create algorithms to find aberrant billing patterns. What this all means is that you have people unfamiliar with the industry doing the auditing, with the government giving contractors an extensive umbrella in the ways in which they can conduct these audits.

"These efforts so far have been successful. There are about 250,000 medical groups across the United States, with approximately 25% having been audited. The CMS has estimated that in 2011, $4.1 billion in fraud and abuse was recovered, and it's estimated that about $65 billion is being improperly billed for Medicare and Medicaid. Additionally, under the Affordable HealthCare Act, $350 million was allocated for fraud and abuse prevention audits. The request for funding has now nearly doubled and you're going to see an additional $610 million being asked in funding for more audits. The likelihood is that in 2013 we will be seeing a lot more audits and allegations."

Genevieve explained that Medicare and Medicaid audits have been in place for years. In fact, Congress established the Medicare Recovery Audit Contractor (RAC) program as a three-year pilot under the Medicare Modernization Act of 2003 (MMA) to identify and recover overpayments. Third-party contractors conducted the audits and were paid on a contingency fee basis for overpayments they found. The three-year test program took place in California, Florida, New York, Massachusetts, South Carolina, and Arizona and collected over $900 million. It was so successful they decided to take the program nationally and in ways that were not previously done. "Contract auditors working under different acronyms now conduct audits without giving the healthcare entity any warning. They request medical records and information about the relationships the provider has with other facilities," said Genevieve. "We've had insureds call their attorneys and ask if they had to provide the information and their attorneys would say yes. These audits then open up exposures involving HIPAA, STARK, and EMTALA violations. Furthermore, the audits can be done electronically and without the provider knowing."

The RAC program has also expanded into Medicaid, with expectations set at recovering $2.1 billion in the next five years. According to the government, in 1997 they collected $5.01 for every dollar spent. During 2009-2011 for every dollar spent on these audits, the government has collected $7.20, which amounts to a 41% ROI increase.

AG: What types of violations in addition to the billing problems are they finding?

GA: "They vary from privacy to STARK violations and others. For example, if you're a physician and have an administrator scheduling appointments for patients and you accidently set the calendar for public viewing without being aware of it, you're in violation of privacy regulations. Under the STARK law, if you're a physician and have ownership in a diagnostic facility and you refer patients to that facility, you're required to let your patients know about your ownership and provide them with a list of choices. If you don't you're in violation. The audits being done to look for improper billing may end up leaving a provider with a HIPAA or other violation. All of these activities are putting healthcare providers in a perilous position where they can get hit with allegations of improper violations, and they never see it coming. It's a residual effect."

AG:  What other issues are healthcare providers facing that open them up to exposures?

GA: "The healthcare industry is in the midst of transitioning to electronic medical records, as mandated by law. The industry is also having to convert from using International Classification of Diseases (ICD) Version 9 to Version 10. The United States is the last developed country in the world using an old billing system (ICD 9) and undergoing the conversion to ICD 10 is not a simple one-to-one conversion. So, our healthcare system, in the middle of having to deal with electronic records and billing audits, is now also coping with an upcoming conversion from using 15,000 codes under which to bill, to a new system with over 155,000 codes under ICD Version 10. The likelihood of making billing mistakes will skyrocket.

"What's more, physicians are also performing new administrative services in order to shore up their declining revenues and these services may require E&O independent of conventional medical malpractice. These services include Independent Medical Evaluations, Expert Witness, Patient Advocacy, etc. On the entity side, there is ACO E&O. NAS is at the forefront of providing solutions in these areas."  

AG: Do providers fight the allegations against them?

GA: "It's a very expensive and long process, so most of the time no. About 7% appeal with the rest paying the amounts for improper billing. Providers are unaware that the likelihood is 70% of the time you can win when you appeal the allegations made against you.

"Once the government audit is done, you'll get notified of the alleged violation. From the date of the notice, you have 30 to 60 days to respond. You have to decide whether you will defend yourself or pay the violation. But when you have an allegation against you by the government, you normally don't know where to go. The first thing you need to do is make sure you have individuals working with you that know how to appeal the government. You can end up going through a five-step appeals process that can take up to 24 months and cost significant money, especially if you don't have insurance coverage."

AG: What type of coverage does NAS make available and is it expensive?

GA: "Our MEDEFENSE PLUSTM product provides coverage for defense costs and civil fines and penalties coverage for billing errors, HIPAA, EMTALA, and STARK proceedings. Coverage is provided for anyone that has national provider number - hospitals, medical groups, surgical groups, home healthcare groups, nursing home facilities - and billing Medicaid/Medicare and network providers. You're also seeing audits done by commercial payors (such as HealthNet, Aetna, Blue Shield, etc.), wanting to ensure agreements are being properly followed.

"Coverage is not expensive. For a single physician, for $1 million of MEDEFENSE PLUSTM with a $1,000 deductible, you're looking at a premium of $1,500. The maximum coverage is $10 million. The program is with Lloyd's of London, available nationally, and on an open-access basis.

"We created the product about 25 years ago primarily for medical board procedure coverage and it evolved into what it provides today. We're the first in this space, specializing in this market, and continue to lead the market with this product."

For more information on NAS and MEDEFENSE PLUSTM, please contact Genevieve Alexander at (818) 808-4463, or via email at: galexander@nasinsurance.com.